Hi Andrew,
thanks for your reply. I suspected it was a DNS issue. It seems there was a
conflict with my kerberos. Im running Samba 4.0.0 release. I installed
separately Kerberos 5.
When I do a samba domain provision, the smb.conf is generated and one
configuration under [global] is the following:
server services = rpc, nbt, wrepl, ldap, cldap, drepl, kdc, ntp_signd, kcc,
dnsupdate, smb
As you can see there is "kdc". So I suspected there was a conflict.
So I stopped the service of Kerberos5 I installed separately and restarted
samba. After this the loggin was very fast and by debugging I could see the
authentication was done via kerberos.
Now Im having another problem. If you can help me I would appreciate.
>From a XP machine and after a successful login, I want to access the
following shared folder:
[shared]
path = /var/lib/samba/usershares
read only = No
I see the folder "shared" on windows explorer, thats fine, but when I
want to open it, Im asked again for username and password. I put the same
username and password I used for the login, but nothing happens I get asked
again and again for username and password, it seems my xp machine does not
connect to samba for user validation, I dont even see on the debug (level 3)
from samba that the username and password is validated. What could be the
reason?
Any help or tip would be much appreciated.
Thanks and regards,
Fabian
On 02/03/2013 07:46 AM, Andrew Bartlett wrote:> On Sun, 2013-02-03 at 00:27 -0500, Fabian von Romberg wrote:
>> Hi,
>>
>> when I logon from windows machine, the username is validated against
samdb. How can user be validated against Kerberos5 (principals)?
>
> Clients of a Samba 4.0 AD DC will use kerberos for the domain login when
> network configurations permit it (such as correct DNS). This is
> validated by the KDC against the same database (samdb) that NTLM logins
> work against, to ensure consistent behaviour for the user.
>
> Andrew Bartlett
>